DETAILED ACTION

1. The Amendment, and remarks therein, received on 3/18/2005 have been entered 
and carefully considered. 

2. The text of those sections of Title 35, U.S. Code not included in this action can be 
found in a prior office action. 

Response to Amendment 

3. Applicant's arguments have been carefully considered but they were not found 
persuasive. 

4. The relevance of most of the arguments presented by applicant is not understood 
and as a result is not addressed. For example on pg. 20 in regard to "mailbox" 
applicant discusses a battery, a monotonic counter etc. in relation to "the fundamental 
deficiency of Hadfield", wherein the term: "the fundamental deficiency" is left open 
for guessing. 

5. As per claims rejection of claims 31, 37 and 50 applicant argues that the data cited 
in the claims' language is directed towards specific data and as a result the 
examiner's rejection is moot. 

6. Applicant challenges the examiner's argument (pg. 19) that a computer RAM in 
Windows NT Server that stores input and output data in memory banks is not a 
mailbox RAM. To make his point, applicant recites limitations that are not present in 
the claim language. Applicant refers to the specification but the relevance of the 
specification is not clear since it not only uses phrases such as "may be" but also 
discusses "one embodiment", which suggests that other embodiments are 
permissible. 

7. Claims 1-10, 12-29, 31-48, 50-52 have been examined. 

8. Claims 1, 11-13, 15-16, 21, 30, 32-35, 38-39 and 40-41, 44-46, 51-52 are rejected 
under 35 U.S.C. 102(b) as being anticipated by Hadfield et al. (Lee Hadfield, Dave 
Hatter, Dave Bixler, "Windows NT Server 4 security handbook", 1997, ISBN: 
078971213-x.) 

9. As per claim 1 Hadfield et al. teach that a processor is configured to operate in an 
operating mode, wherein the operating mode is one of a plurality of operating modes 
including a secure operating mode and secure assets (e.g. files) that can only be 
accessed in the secure mode. Windows NT runs on hardware, the computers that 
use processors. Each user that accesses any Windows NT Server-based resources 
first must be validated by the system, and the user is required to enter a valid 
password before any interactive Windows session is allowed (pg. 45, User Accounts 
in a Windows NT Environment). 

Computer RAM in Windows NT Server stores input and output data in memory 
banks (mailbox RAM), and the input data for the one or more secured assets is 
addressed to the RAM and the output data is retrieved from an address at the RAM. 

10. Claims 21, 34, 39 and 40 are substantially equivalent to claim 1; therefore claims 21, 
34, 39 and 40 are similarly rejected. 

11. As per claim 15 the limitation "scratchpad RAM, wherein each of the one or more 
secured assets is configured to access the scratchpad RAM for the storage of data" 
is taught because computers store applications and files accessed by users in 
(scratchpad) RAM. 

12. Also, as discussed above in reference to claim 1, users don't have access to the 
system until the log-on sequence allows them to log-on to the system and enter the 
secure mode. It is inherent to have filters configured not to provide input data to 
RAM if the processor is not operating in the secure operating mode. 

13. Upon receipt of the access request if the processor is not operating in the secure 
operating mode (placing an incorrect password and/or user name while attempting 
to access the system) will result in an error message and denial of access to the 
system will result in a predetermined response in lieu of data. 

14. Claims 17-18, 31, 37 and 50 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Hadfield et al. (Lee Hadfield, Dave Hatter, Dave Bixler, "Windows 
NT Server 4 security handbook", 1997, ISBN: 078971213-x) in view of Official 
Notice. 

15. As per claims 17-18 access locks configured to disable the access filters in an 
unlocked mode is implicit, otherwise a user would have to log-in to the system each 
time the user tries to access some files. 

16. Hadfield et al. do not explicitly teach the access filters being configured to provide a 
predetermined response in lieu of data if the processor is not operating in the secure 
operating mode. 
Official Notice is taken that it is old and well-known to provide a predetermined 
response in lieu of data upon receipt of an access request to restricted assets. 
It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to configure the access filters to provide a predetermined response in lieu 
of data upon receipt of an access request to restricted assets. One of ordinary skill in 
the art would have been motivated to perform such a modification so that a user 
would be aware of the failure and take appropriate action (type password again, for 
example). 

17. As per claims 31, 37 and 50 Hadfield et al. do not explicitly teach providing a 
predetermined response in lieu of data upon receipt of an access request to 
restricted assets. 

Official Notice is taken that it is old and well-known to provide a predetermined 
response in lieu of data upon receipt of an access request to restricted assets. 
It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to provide a predetermined response in lieu of data upon receipt of an 
access request to restricted assets. One of ordinary skill in the art would have been 
motivated to perform such a modification so that a user would be aware of the failure 
and take appropriate action (type password again, for example). 

18. Claims 19-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hadfield et al. (Lee Hadfield, Dave Hatter, Dave Bixler, "Windows NT Server 4 
security handbook", 1997, ISBN: 078971213-x) in view of Heald et al. (U.S. Patent 
No. 5272382). 

19. Hadfield et al. teach a system including secured assets and security hardware as 
discussed above. 

Hadfield et al. do not teach a battery wherein the battery provides reserve power to 
one or more secured assets and to the security hardware. 
Heald et al. teach a battery providing reserve power in case of a power interruption 
(Heald et al., Abstract and col. 7 lines 8-16). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to include a battery providing reserve power to Hadfield et al.'s system 
including secured assets and security hardware as taught by Heald et al. One of 
ordinary skill in the art would have been motivated to perform such a modification in 
order to avoid loss of data and damage of secure assets and hardware (Heald et al., 
col.1 lines 49-52). 

20. Claims 24 and 43 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hadfield et al. (Lee Hadfield, Dave Hatter, Dave Bixler, "Windows NT Server 4 
security handbook", 1997, ISBN: 078971213-x.) in view of Vogt et al. (U.S. Patent 
No.6775776). 

21. Hadfield et al. teach a system as discussed above. 

Hadfield et al. do not explicitly teach a monotonic counter, and permitting access to 
secured assets includes requesting a value stored in the monotonic counter and 
receiving the value stored in the monotonic counter (col. 7 line 66- col. 8 line 2). 
Vogt et al. teach a monotonic counter (Vogt et al., col. 7 line 56-col. 8 line 7) and 
implicitly teach permitting access to secured assets includes requesting a value 
stored in the monotonic counter and receiving the value stored in the monotonic 
counter. 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to use a monotonic counter wherein permitting access to secured assets 
includes requesting a value stored in the monotonic counter and receiving the value 
stored in the monotonic counter as taught by Vogt et al. One of ordinary skill in the 
art would have been motivated to perform such a modification in order to prevent a 
communication from being recorded and later played back to simulate a legitimate 
communication (Vogt et al., col. 7 lines 64-66). 

22. Claims 23 and 42 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hadfield et al. (Lee Hadfield, Dave Hatter, Dave Bixler, "Windows NT Server 4 
security handbook", 1997, ISBN: 078971213-x.) in view of Anderson, Jr. (U.S. 
Patent No.5805674). 

23. Hadfield et al. teach a system as discussed above. 

Hadfield et al. do not teach the secure asset including a random number generator 
where permitting access to the secured assets includes requesting and receiving a 
random number from the random number generator. 

Anderson, Jr. teach a random number generator facilitating the random selection of 
the security phrases which read on requesting and receiving a random number from 
the random number generator (Anderson, Jr., col. 7 lines 55-60). 
It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to include a random number generator as secure assets to the Hadfield et 
al.'s system in such a way that permitting access to the secured assets would 
include requesting and receiving the random number as taught by Anderson, Jr. One 
of ordinary skill in the art would have been motivated to perform such a modification 
in order to increase security (Anderson, Jr., col. 7 line 55-60). 

24. Claims 2 and 14, 22 and 37 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Hadfield et al. (Lee Hadfield, Dave Hatter, Dave Bixler, "Windows 
NT Server 4 security handbook", 1997, ISBN: 078971213-x.) in view of Aaro et al. 
(U.S. Patent No. 6662020) and in view of Official Notice. 

25. Hadfield et al. teach inbox mailbox RAM storing input data for the one or more 
secured assets and an outbox mailbox RAM storing output data from the one or 
more secured assets as discussed above. 

Hadfield et al. do not teach access filters configured to provide input data or access 
request to the inbox of the mailbox RAM if the processor is operating in the secure 
operating mode wherein the access filters are further configured not to provide input 
data to the inbox of the mailbox RAM if the processor is not operating in the secure 
operating mode, and wherein the access filters are further configured to provide a 
predetermined response in lieu of data upon receipt of said access request if the 
processor is not operating in the secure operating mode. 
Aaro et al. teach a device including a secure memory for storing data directly 
coupled to the display in the secure mode of operation. The hardwired connections 
to secure memory in the secure mode ensures that data shown on the display is 
indeed the data that is processed and signed off in the secure mode of operation 
(Abstract). The secure memory 1 is accessed only by the cryptographic module 
and the CPU, display and possibly the keypad, or rather its buffer, in the secure 
mode of operation. In the normal mobile phone mode of operation, access to this 
secure memory is impossible (col. 4 lines 55-61). The above reads on providing 
input data or access request to the inbox of the mailbox RAM if the processor is 
operating in the secure operating mode wherein the access filters are further 
configured not to provide input data to the inbox of the mailbox RAM if the processor 
is not operating in the secure operating mode. The use of access filters configured 
appropriately so that task can be accomplished is implicit. 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to access filters configured to provide input data or access request to the 
inbox of the mailbox RAM if the processor is operating in the secure operating mode 
wherein the access filters are further configured not to provide input data to the 
inbox of the mailbox RAM if the processor is not operating in the secure operating 
mode as taught by Aaro et al. One of ordinary skill in the art would have been 
motivated to perform such a modification in order to prevent malicious programs 
such as viruses, to gain access to secure memory affecting secure assets (Aaro et 
al. col. 2 lines 25-37). 

26. Official Notice is taken that it is old and well-known in the art to provide a 
predetermined response in lieu of data upon receipt of an access request to 
restricted assets. 
It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to provide a predetermined response in lieu of data upon receipt of an 
access request to restricted assets. One of ordinary skill in the art would have been 
motivated to perform such a modification in order to be alerted to an invalid request. 

27. Claims 3-10, 25-29, 36 and 47-48 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Hadfield et al. (Lee Hadfield, Dave Hatter, Dave Bixler, "Windows 
NT Server 4 security handbook", 1997, ISBN: 078971213-x) in view of Angelo et al. 
(U.S. Patent No. 6581162). 

28. Hadfield et al. teach a system including a secure operating mode as discussed 
above. 

29. As per claims 3-4 and 25-27 Hadfield et al. do not explicitly teach the secure 
operating mode that comprises a system management mode and an initiation 
register, wherein an entry in the initiation register is an indication to change the 
operating mode of the processor to the secure mode. 

30. Angelo et al. teach a system management mode (SMM) which is entered upon 
receipt of a system management interrupt (SMI). Angelo et al. also teach SMI 
asserted by either an SMI timer or by a system request upon which the entire CPU 
state is saved in the SMM memory. After the initial processor state is saved, the 
processor begins executing an SMI handler routine providing security services (col. 
7 line 43- col. 8 line 4). 

The above reads on receiving a request to change the computer system from the 
first operating mode to the secure operating mode, providing an entry into an 
initiation register and asserting the control signal indicative of the entry providing a 
system management interrupt. 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to utilize a secure operating mode that comprises a system management 
mode and an initiation register, wherein an entry in the initiation register is an 
indication to change the operating mode of the processor to the secure mode as 
taught by Angelo et al. One of ordinary skill in the art would have been motivated to 
perform such a modification so that secure assets are not accessible during normal 
computer operations. 

31. As per claims 5, 7-9, 28, 36 and 47 Hadfield et al. do not explicitly teach a kick-out 
timer configured to provide an indication to the processor of when the processor is to 
exit the secure mode. 

32. Angelo et al. teach timers (col. 4 line 58). When the computer system detects a 
request for secure communications or any event requiring secure entry of encryption 
information, control then proceeds to the step where appropriate registers in 
a processor are loaded prior to execution of the SMI code (Fig. 5, col. 9 lines 3-13). 
The computer systems don't wait indefinitely for input of time sensitive information 
like passwords. A timer measuring a time period in which the computer system is in 
the secure operating mode, and providing a control signal to exit the secure mode in 
response to the time period in which the computer system is in the secure operating 
mode exceeding a predetermined length of time are used to complete indefinite 
sessions. 
It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to implement a kick-out timer configured to provide an indication to the 
processor of when the processor is to exit the secure mode. One of ordinary skill in 
the art would have been motivated to perform such a modification in order to 
increase system security without exposing the system indefinitely when no action is 
performed. 

33. As per claims 6, 10, 29 and 48 Hadfield et al. in view of Angelo et al. do not teach a 
kick-out timer configured to provide an indication to the processor of when the 
processor is to exit the secure mode into a standard mode. 

Official Notice is taken that it is old and well-known practice in the art to implement a 
kick-out timer configured to provide an indication to the processor of when the 
processor is to exit the secure mode into a standard mode. One of ordinary skill in 
the art at the time of applicant's invention would be motivated to occasionally 
validate the user (e.g. by requesting a password) to minimize possibilities where the 
system could be compromised. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Peter Poltorak whose telephone number is (571) 272-3840. 
The examiner can normally be reached Monday through Thursday from 9:00 
a.m. to 4:00 p.m. and alternate Fridays from 9:00 a.m. to 3:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse can be reached on (571)272-3838. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free).





